/**
 * 
 */
package com.yuyi.controller;

import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.alibaba.fastjson.JSONObject;
import com.yuyi.service.UserInfoService;

/**
 * @author mcb
 *
 *         2018年8月20日 下午4:46:26
 */
@RestController
@RequestMapping("/user")
public class LoginController {

	Logger logger = LoggerFactory.getLogger(getClass());

	@PostMapping("/login")
	public ResponseEntity<Object> userLogin(@RequestParam String username, @RequestParam String password) {

		UsernamePasswordToken token = new UsernamePasswordToken(username, password);
		JSONObject json = new JSONObject();
		Subject subject = SecurityUtils.getSubject();
		try {
			subject.login(token);

		} catch (UnknownAccountException e) {
			json.put("code", "1");
			json.put("msg", "账号不存在");
			return new ResponseEntity<>(json, HttpStatus.OK);
		} catch (IncorrectCredentialsException e) {
			System.out.println("------------------------密码不正确");
			json.put("code", "2");
			json.put("msg", "密码不正确");
			return new ResponseEntity<>(json, HttpStatus.OK);
		}

		boolean isRole = subject.hasRole("vip");
		if (isRole == true) {
			json.put("msg", "登录成功");
		} else {
			json.put("msg", "权限不足");
		}
		json.put("code", "0");
		json.put("username", username);
		return new ResponseEntity<>(json, HttpStatus.OK);

	}

	/**
	 * 未登录，shiro应重定向到登录界面，此处返回未登录状态信息由前端控制跳转页面
	 * 
	 * @return
	 */
	@RequestMapping(value = "/unauth")
	@ResponseBody
	public Object unauth() {
		Map<String, Object> map = new HashMap<String, Object>();
		map.put("code", "1000000");
		map.put("msg", "未登录");
		return map;
	}

	@GetMapping("/logout")
	@ResponseBody
	public Object logout() {
		Subject subject = SecurityUtils.getSubject();
		JSONObject json = new JSONObject();
		if (Objects.equals(null, subject.getPrincipal())) {
			json.put("code", "3");
			json.put("msg", "未登录");
			return json;
		} else {
			subject.logout();
			json.put("code", "4");
			json.put("msg", "退出成功");
			return json;

		}

	}

	@Autowired
	@Qualifier("userInfoService")
	private UserInfoService userInfoService;

	/**
	 * @param username
	 * @param password
	 * 
	 * @return 注册 在新用户注册后，将其角色设置为2 记录他的 姓名 密码 状态 盐 用户名
	 */
	@PostMapping("/regist")
	public ResponseEntity<Object> userRegist(@RequestParam String username, @RequestParam String password) {
		int liginId = userInfoService.insertUserInfo(password, username);
		if (liginId == 1) {
			return new ResponseEntity<>(HttpStatus.OK);
		} else {
			return new ResponseEntity<>(HttpStatus.ACCEPTED);
		}

	}

}
